haskell/cryptonite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
f9a0bc3c53
cryptonite/Crypto/PubKey/RSA
History
Baojun Wang f9a0bc3c53 Allow sign/verify digest directly 
currently sign/verify works on message directly, it would be nice if PSS could sign/verify digest directly. This is useful for:

  1) for some signing server it only has a digest (without message)
  2) message could be very large, for cases when client need request a singing server to sign, it may make more sense for the client to compute digest, then ask server to (PSS) sign the digest
  3) openSSL pkeyutl (PSS) sign operation signs with digest only, not the message, it would be nice to work with openSSL more easily 

*openSSL command line:
```shell
openssl pkeyutl -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:-1  -pkeyopt digest:sha256 -sign -inkey "pri.key" -in hmac.bin > sig.bin
openssl pkeyutl -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:-1  -pkeyopt digest:sha256 -verify -inkey "pri.key" -in hmac.bin -sigfile sig.bin
```
2017-05-15 19:42:19 -07:00
..
OAEP.hs [pubkey] remove bytestring from MaskGenFunction 2015-05-21 11:09:48 +01:00
PKCS15.hs [doc] Add missing documentation call 2015-11-04 15:18:05 +00:00
Prim.hs [RSA] remove ByteString from Primitive module 2015-05-21 14:32:53 +01:00
PSS.hs Allow sign/verify digest directly 2017-05-15 19:42:19 -07:00
Types.hs add optional support for deepseq 2015-05-22 18:35:46 +01:00